Businesswoman working with tablet while coaching a couple.
IT Thought Leadership

How VMware IT Built, Runs, and Manages Modern Apps Platform

by: VMware IT Director Sarita Kar, VMware Senior Director for IT Application Operations Varinder Kumar, and VMware IT Manager Manas Singh

Why is moving to a modern app platform necessary? How do we decide which apps to modernize? These are just two of the questions that organizations across the globe face during their app modernization journey. Let’s explore how VMware, as an organization, handles these questions and how VMware IT built, runs, and manages its modern app platform powered by VMware Tanzu®.

Factors driving the need to move to a modern app platform

VMware Senior Director for IT Application Operations Varinder Kumar explained that the starting point is empathy for users and stakeholders of the app, along with the developers and operators who build and run applications. Building traditional apps does not account for the technical debt (additional rework) that accumulates over time.

At VMware, we realized early that we needed to switch to a model that supports agility in each facet of the application lifecycle, be it for the user, developer or operator. This led us to visualize a modern application platform to support all the personas who interact with the applications. When we started on this journey, it was with a small application that was refactored into three or four microservices.

We gained valuable insights after running these refactored microservices, which helped us identify that agility for an enterprise can be achieved by focussing on three primary pillars:

  1. Scalability
  2. Manageability
  3. Observability.

When we focused on these key pillars, we made great progress. The choice of apps to modernize is easy—the ones that need agility and are able to sustain the rapid pace of change are the right candidates for modernization.

Why VMware Tanzu

VMware Tanzu products address the above-mentioned pillars and provide the capability to achieve required agility at the platform level so we can make do with a small platform team and a large team of developers who focus only on developing the applications needed.

Regarding scalability, we chose VMware Tanzu® Application Service and VMware Tanzu® Kubernetes Grid as the heart of our modernization journey. These platforms-as-a-service (PaaS) offerings provided us with the required on-the-fly scaling capabilities. We are now able to spin up workloads based on the load conditions.

For manageability, both Tanzu Kubernetes Grid and Tanzu Application Service, provided the facility of seamless patching and upgrades, without affecting the workloads.

Finally, imagine the challenges of observability when you have a platform that scales easily. If you consider the traditional environments, monitoring had to be configured manually or custom automation needed to be written. Manual work does not scale, whereas custom automation requires much attention. We addressed both challenges by adopting VMware Tanzu® Observability by Wavefront for our entire stack. It provides an out-of-the-box dashboard for Tanzu Kubernetes Grid and Tanzu Application Service platforms, which enabled the visualization of metrics almost immediately. It also provided us with extensive alerting options out of the box.

Specific rearchitecting to run applications on modern app platform

After a comprehensive review of our application stack, we categorized applications into four buckets—candidate for rearchitecture, rehost, replatform, and retire. We then formed a plan for each bucket.

At the end of this exercise, we had a large pool of applications that were modern application platform-ready. These applications could effectively follow cloud-native principles and be hosted based on any infrastructure, whether public or private cloud, or a combination of both. A specific example of this reliance on infrastructure is applications that use network file system (NFS) as the backend store; during rearchitecture, we ensured that this moved to an object store based on backend storage, thus facilitating migration to any type of cloud.

How VMware handles deployments

We ensure that centralization is at the core of our deployment strategy. The driving objective for this was “anytime, anywhere deployment.” As long as we have an endpoint infrastructure available, our pipelines can be targeted to that and bring up the applications as needed. This helped us make progress on our availability targets. If you look at our modern application platform, you will see that deployment pipelines based on VMware Aria Automation (previously VMware vRealize Automation) are an intrinsic part of the platform itself. These pipelines not only help us deploy applications but help with some parts of the infrastructure as well.

Anytime, anywhere deployment is something that developers always want to hear, and we provide them that flexibility. So, we figured out how to rearchitect the applications and deploy them, but there still remains another important concern—security.

How VMware ensures security

We implement security at multiple layers. Some measures are built into the platform, whereas others are executed on the artifacts, and some are executed on the runtime instances of the artifacts. Examples of these are:

  1. Using certified base images from VMware Application Catalog (previously VMware Tanzu® Application Catalog) for any artifacts we build before deployment.
  2. Using application vaults for storing the credentials required by applications to run our DevOps pipelines; pick these credentials from the vault instance so no manual intervention is necessary to push the credentials wherever needed at deployment time.
  3. Ensuring encryption of data at rest.
  4. Ensuring use of SSL for data in transit.
  5. Deploying micro-segmentation rules for only authorized endpoint access.

Difference between modern app platform and conventional application operations

The biggest driving factor toward a modern application platform is agility. Considering that, each component is designed for agility, everything from self-service access to a namespace to automatic hostname configuration for accessing freshly deployed applications is implemented in ways to support agility. This is compared to with conventional application operations, in which everything does not work automatically and in most cases, manual intervention is needed to run day-to-day operations.  

Future of the VMware modern app platform

  1. Agility and self-service for all personas that interact with the modern application platform 
  2. Zero Trust-related checks and processes baked into the platform, application, and pipelines for security
  3. More focus on hybrid cloud/multi-cloud deployments. Also, fewer ties into a specific type of infrastructure
  4. Running applications out of any infrastructure, private or public cloud.

For more information, listen to the fifth episode of our Digital Transformation series and read our app modernization blogs.

The topic continues to evolve, so contact your account team to schedule a briefing with a VMware IT expert to hear the latest. For more about how VMware IT addresses queries related to modern apps, check out more blogs on the topic. For other questions, contact vmwonvmw@vmware.com.

We look forward to hearing from you.

VMware on VMware blogs are written by IT subject matter experts sharing stories about our digital transformation using VMware products and services in a global production environment. To learn more about how VMware IT uses VMware products and technology to solve critical challenges, visit our microsite, read our blogs and IT Performance Annual Report and follow us on Twitter, YouTube and SoundCloud. All VMware trademarks and registered marks (including logos and icons) referenced in the document remain the property of VMware.

Comments

2 comments have been added so far

Leave a Reply

Your email address will not be published.